38k6gfy.3ultimateamen.men Open in urlscan Pro
43.201.46.18  Public Scan

73 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response 38k6gfy.3ultimateamen.men/	25 KB 6 KB	3928ms 388ms	Document text/html	43.201.46.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://38k6gfy.3ultimateamen.men/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.201.46.18 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-201-46-18.ap-northeast-2.compute.amazonaws.com Software nginx / Resource Hash 61487252bef2a854bce64c70b3a3e0f55a10f4c4654524768e4d5453280910f9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html;charset=utf-8 date Thu, 21 Mar 2024 11:39:19 GMT expires Thu, 19 Nov 1981 08:52:00 GMT platform cdngreat.com pragma no-cache server nginx strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding
GET H2	200	jquery.min.js Show response 38k6gfy.3ultimateamen.men/assets/js/	87 KB 34 KB	534ms 529ms	Script application/javascript	43.201.46.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://38k6gfy.3ultimateamen.men/assets/js/jquery.min.js Requested by Host: 38k6gfy.3ultimateamen.men URL: https://38k6gfy.3ultimateamen.men/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.201.46.18 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-201-46-18.ap-northeast-2.compute.amazonaws.com Software nginx / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://38k6gfy.3ultimateamen.men/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 11:39:19 GMT content-encoding gzip cl-cache-status MISS strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Tue, 09 Jan 2024 15:14:26 GMT server nginx etag W/"659d62d2-15d84" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=43200 platform cdngreat.com expires Thu, 21 Mar 2024 23:39:19 GMT
GET H2	200	bootstrap.min.css 38k6gfy.3ultimateamen.men/assets/css/	157 KB 29 KB	532ms 528ms	Stylesheet text/css	43.201.46.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://38k6gfy.3ultimateamen.men/assets/css/bootstrap.min.css Requested by Host: 38k6gfy.3ultimateamen.men URL: https://38k6gfy.3ultimateamen.men/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.201.46.18 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-201-46-18.ap-northeast-2.compute.amazonaws.com Software nginx / Resource Hash f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://38k6gfy.3ultimateamen.men/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 11:39:19 GMT content-encoding gzip cl-cache-status MISS strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Tue, 09 Jan 2024 15:14:26 GMT server nginx etag W/"659d62d2-27288" vary Accept-Encoding content-type text/css cache-control max-age=43200 platform cdngreat.com expires Thu, 21 Mar 2024 23:39:19 GMT
GET H2	200	style.css 38k6gfy.3ultimateamen.men/template/default/css/	7 KB 3 KB	493ms 489ms	Stylesheet text/css	43.201.46.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://38k6gfy.3ultimateamen.men/template/default/css/style.css?v=20220611 Requested by Host: 38k6gfy.3ultimateamen.men URL: https://38k6gfy.3ultimateamen.men/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.201.46.18 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-201-46-18.ap-northeast-2.compute.amazonaws.com Software nginx / Resource Hash 5e4b99b0a4b5780da1d136400ced9e773f08591bfffdc0ec72ac96a62656430a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://38k6gfy.3ultimateamen.men/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 11:39:19 GMT content-encoding gzip cl-cache-status MISS strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Tue, 09 Jan 2024 15:14:26 GMT server nginx etag W/"659d62d2-1c60" vary Accept-Encoding content-type text/css cache-control max-age=43200 platform cdngreat.com expires Thu, 21 Mar 2024 23:39:19 GMT
GET H2	200	font.css 38k6gfy.3ultimateamen.men/template/default/css/	268 B 537 B	496ms 492ms	Stylesheet text/css	43.201.46.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://38k6gfy.3ultimateamen.men/template/default/css/font.css Requested by Host: 38k6gfy.3ultimateamen.men URL: https://38k6gfy.3ultimateamen.men/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.201.46.18 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-201-46-18.ap-northeast-2.compute.amazonaws.com Software nginx / Resource Hash a6b350f447b9b9f4f8ff0b2a1a50193fd3e1d1a848391a8df5bbf88b28d494a8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://38k6gfy.3ultimateamen.men/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 11:39:19 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cl-cache-status MISS last-modified Tue, 09 Jan 2024 15:14:26 GMT server nginx etag "659d62d2-10c" content-type text/css cache-control max-age=43200 accept-ranges bytes platform cdngreat.com content-length 268 expires Thu, 21 Mar 2024 23:39:19 GMT
GET H2	200	tag.css 38k6gfy.3ultimateamen.men/template/default/css/	5 KB 1 KB	483ms 480ms	Stylesheet text/css	43.201.46.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://38k6gfy.3ultimateamen.men/template/default/css/tag.css?v=20220611 Requested by Host: 38k6gfy.3ultimateamen.men URL: https://38k6gfy.3ultimateamen.men/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.201.46.18 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-201-46-18.ap-northeast-2.compute.amazonaws.com Software nginx / Resource Hash 8e8e6c8504e50c8471c5b2651b3c04513810c2cad54272a6d65498babf7fa7af Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://38k6gfy.3ultimateamen.men/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 11:39:19 GMT content-encoding gzip cl-cache-status MISS strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Tue, 09 Jan 2024 15:14:26 GMT server nginx etag W/"659d62d2-1211" vary Accept-Encoding content-type text/css cache-control max-age=43200 platform cdngreat.com expires Thu, 21 Mar 2024 23:39:19 GMT
GET H2	200	background.jpg 38k6gfy.3ultimateamen.men/assets/img/	188 KB 188 KB	531ms 529ms	Image image/jpeg	43.201.46.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://38k6gfy.3ultimateamen.men/assets/img/background.jpg Requested by Host: 38k6gfy.3ultimateamen.men URL: https://38k6gfy.3ultimateamen.men/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.201.46.18 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-201-46-18.ap-northeast-2.compute.amazonaws.com Software nginx / Resource Hash 232dc85b5af549aded87dabcf8b33e98596e03325e43a059b415fdd442e0f8a5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://38k6gfy.3ultimateamen.men/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 11:39:19 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cl-cache-status MISS last-modified Thu, 20 Jul 2023 15:45:58 GMT server nginx etag "64b956b6-2ef78" content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes platform cdngreat.com content-length 192376 expires Sat, 20 Apr 2024 11:39:19 GMT
GET H2	200	he-simple-common.js Show response widget.qweather.net/simple/static/js/	400 B 982 B	581ms 101ms	Script application/javascript	47.246.23.218 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://widget.qweather.net/simple/static/js/he-simple-common.js?v=2.0 Requested by Host: 38k6gfy.3ultimateamen.men URL: https://38k6gfy.3ultimateamen.men/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 47.246.23.218 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash f5fcf7ac4d360347e93f79cd03da6120980a2d63f5568abbbb53d34ae99bb781 Request headers accept-language en-US,en;q=0.9 Referer https://38k6gfy.3ultimateamen.men/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Tue, 19 Mar 2024 06:13:59 GMT via cache23.l2us1[0,0,304-0,H], cache16.l2us1[0,0], ens-cache4.us22[0,0,200-0,H], ens-cache12.us22[0,0] x-oss-request-id 65F92D274929FD343379F79A content-md5 2rCNPV/2GxbZy5Hv6yJuog== age 192320 x-swift-cachetime 600689 x-cache HIT TCP_MEM_HIT dirn:7:628229520 x-oss-cdn-auth success x-swift-savetime Tue, 19 Mar 2024 07:22:30 GMT content-length 400 x-oss-object-type Normal last-modified Mon, 25 Dec 2023 10:42:16 GMT server Tengine etag "DAB08D3D5FF61B16D9CB91EFEB226EA2" ali-swift-global-savetime 1710828839 content-type application/javascript access-control-allow-origin * cache-control max-age=604800 x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 5649468513145802470 eagleid 2ff617a017110211597375767e x-oss-server-time 2
GET H/1.1	200 OK	20231015052507333.png 6hgoogle.com/files/upload/	2 KB 2 KB	1028ms 267ms	Image image/png	38.145.216.54 ENZUINC-
General Check archive.org Show headers Download Go to Show image Full URL https://6hgoogle.com/files/upload/20231015052507333.png Requested by Host: 38k6gfy.3ultimateamen.men URL: https://38k6gfy.3ultimateamen.men/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 38.145.216.54 Chicago, United States, ASN18978 (ENZUINC-, US), Reverse DNS 54.216-145-38.rdns.scalabledns.com Software nginx / Resource Hash 05695bf553785bf0b39a402a4317ca6da0a34555fd82a468c0f60e3eb07b9e4b Request headers accept-language en-US,en;q=0.9 Referer https://38k6gfy.3ultimateamen.men/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Thu, 21 Mar 2024 11:39:20 GMT Last-Modified Sun, 15 Oct 2023 09:25:07 GMT Server nginx ETag "652baff3-719" X-Cache-Status EXPIRED Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 1817 Expires Sat, 20 Apr 2024 11:39:20 GMT
GET H/1.1	200 OK	20231117070754996.png 6hsogou.com/files/upload/	2 KB 2 KB	990ms 256ms	Image image/png	38.145.216.54 ENZUINC-
General Check archive.org Show headers Download Go to Show image Full URL https://6hsogou.com/files/upload/20231117070754996.png Requested by Host: 38k6gfy.3ultimateamen.men URL: https://38k6gfy.3ultimateamen.men/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 38.145.216.54 Chicago, United States, ASN18978 (ENZUINC-, US), Reverse DNS 54.216-145-38.rdns.scalabledns.com Software nginx / Resource Hash f5e6af21f046d4725495e620937c1df541669ea45eb30e56bded87670d28e468 Request headers accept-language en-US,en;q=0.9 Referer https://38k6gfy.3ultimateamen.men/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Thu, 21 Mar 2024 11:39:21 GMT Last-Modified Fri, 17 Nov 2023 11:07:54 GMT Server nginx ETag "6557498a-6bd" X-Cache-Status EXPIRED Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 1725 Expires Sat, 20 Apr 2024 11:39:21 GMT
GET H/1.1	200 OK	20231015050707797.png 6hgoogle.com/files/upload/	4 KB 5 KB	659ms 268ms	Image image/png	38.145.216.54 ENZUINC-
General Check archive.org Show headers Download Go to Show image Full URL https://6hgoogle.com/files/upload/20231015050707797.png Requested by Host: 38k6gfy.3ultimateamen.men URL: https://38k6gfy.3ultimateamen.men/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 38.145.216.54 Chicago, United States, ASN18978 (ENZUINC-, US), Reverse DNS 54.216-145-38.rdns.scalabledns.com Software nginx / Resource Hash eefab92674cff8b2ce8031fc1de9617eebde0fdeca4315557e367cabe3350eaf Request headers accept-language en-US,en;q=0.9 Referer https://38k6gfy.3ultimateamen.men/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Thu, 21 Mar 2024 11:39:20 GMT Last-Modified Sun, 15 Oct 2023 09:07:07 GMT Server nginx ETag "652babbb-10b7" X-Cache-Status EXPIRED Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 4279 Expires Sat, 20 Apr 2024 11:39:20 GMT
GET H2	200	bootstrap.min.js Show response 38k6gfy.3ultimateamen.men/assets/js/	59 KB 18 KB	450ms 447ms	Script application/javascript	43.201.46.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://38k6gfy.3ultimateamen.men/assets/js/bootstrap.min.js Requested by Host: 38k6gfy.3ultimateamen.men URL: https://38k6gfy.3ultimateamen.men/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.201.46.18 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-201-46-18.ap-northeast-2.compute.amazonaws.com Software nginx / Resource Hash 14cdd3786f68d3d59c5c8a5daf6826db72a9cfb4a73a314ee88d981d6375db93 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://38k6gfy.3ultimateamen.men/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 11:39:20 GMT content-encoding gzip cl-cache-status MISS strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Tue, 09 Jan 2024 15:14:26 GMT server nginx etag W/"659d62d2-eb0f" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=43200 platform cdngreat.com expires Thu, 21 Mar 2024 23:39:20 GMT
GET H2	200	script.js Show response 38k6gfy.3ultimateamen.men/template/default/js/	7 KB 4 KB	449ms 446ms	Script application/javascript	43.201.46.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://38k6gfy.3ultimateamen.men/template/default/js/script.js?v=20220611 Requested by Host: 38k6gfy.3ultimateamen.men URL: https://38k6gfy.3ultimateamen.men/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.201.46.18 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-201-46-18.ap-northeast-2.compute.amazonaws.com Software nginx / Resource Hash 23ae95ee0feedfac41f8370d4b28e1621860b494e15cdfdf03481028bc378237 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://38k6gfy.3ultimateamen.men/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 11:39:20 GMT content-encoding gzip cl-cache-status MISS strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Tue, 09 Jan 2024 15:14:26 GMT server nginx etag W/"659d62d2-1c0a" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=43200 platform cdngreat.com expires Thu, 21 Mar 2024 23:39:20 GMT
GET H2	200	svg.js Show response 38k6gfy.3ultimateamen.men/assets/js/	200 KB 82 KB	448ms 445ms	Script application/javascript	43.201.46.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://38k6gfy.3ultimateamen.men/assets/js/svg.js Requested by Host: 38k6gfy.3ultimateamen.men URL: https://38k6gfy.3ultimateamen.men/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.201.46.18 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-201-46-18.ap-northeast-2.compute.amazonaws.com Software nginx / Resource Hash aae9ba5999ca21c017f24416ffcc4c580f87cd10c7446208af2101abac5d918f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://38k6gfy.3ultimateamen.men/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 11:39:20 GMT content-encoding gzip cl-cache-status MISS strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Tue, 09 Jan 2024 15:14:26 GMT server nginx etag W/"659d62d2-31e44" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=43200 platform cdngreat.com expires Thu, 21 Mar 2024 23:39:20 GMT
GET H2	200	z.js Show response s9.cnzz.com/	10 KB 5 KB	1096ms 364ms	Script application/javascript	240e:944:1:900:3::3f1 CHINATELECOM-SHAN...
General Check archive.org Show headers Download Go to Full URL https://s9.cnzz.com/z.js?id=1281322198 Requested by Host: 38k6gfy.3ultimateamen.men URL: https://38k6gfy.3ultimateamen.men/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 240e:944:1:900:3::3f1 , China, ASN58541 (CHINATELECOM-SHANDONG-QINGDAO-IDC Qingdao,266000, CN), Reverse DNS Software Tengine / Resource Hash 74739fe83dfccec7af23bdc9d7a83911fd076af10e3876dfc956492c6e751fd5 Request headers accept-language en-US,en;q=0.9 Referer https://38k6gfy.3ultimateamen.men/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 11:39:20 GMT via cache74.l2cn3135[58,63,304-0,M], cache14.l2cn3135[64,0], cache6.cn373[65,65,200-0,H], cache19.cn373[66,0] content-encoding gzip age 0 x-swift-cachetime 300 x-cache HIT TCP_REFRESH_HIT dirn:12:849876072 x-swift-savetime Thu, 21 Mar 2024 11:39:21 GMT content-length 4398 server Tengine etag W/"1624997309978123522" vary accept-encoding ali-swift-global-savetime 1711021161 content-type application/javascript cache-control public, max-age=300 timing-allow-origin * eagleid 968a902717110211610356251e
GET H2	200	he-simple.css widget.qweather.net/simple/static/css/	9 KB 2 KB	105ms 103ms	Stylesheet text/css	47.246.23.218 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://widget.qweather.net/simple/static/css/he-simple.css?v=1.5.0 Requested by Host: widget.qweather.net URL: https://widget.qweather.net/simple/static/js/he-simple-common.js?v=2.0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 47.246.23.218 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash a0c9e10401f67916a60d1b104656c37a0f011c060859f191e03f790c2222bc13 Request headers accept-language en-US,en;q=0.9 Referer https://38k6gfy.3ultimateamen.men/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 14:27:20 GMT content-encoding gzip via cache37.l2us1[0,0,200-0,H], cache25.l2us1[1,0], ens-cache4.us22[0,0,200-0,H], ens-cache12.us22[0,0] x-oss-request-id 65F6FDC8EE34453834854915 content-md5 EMSmLdlm7EYOzH+c8Izqeg== age 335520 x-swift-cachetime 457490 x-cache HIT TCP_MEM_HIT dirn:12:154046493 x-oss-cdn-auth success x-swift-savetime Tue, 19 Mar 2024 07:22:30 GMT content-length 1922 x-oss-object-type Normal last-modified Mon, 25 Dec 2023 10:42:16 GMT server Tengine vary Accept-Encoding ali-swift-global-savetime 1710685640 content-type text/css access-control-allow-origin * cache-control max-age=604800 x-oss-storage-class Standard timing-allow-origin * x-oss-hash-crc64ecma 10749526672032095620 eagleid 2ff617a017110211602206122e x-oss-server-time 58
GET H2	200	he-simple.js Show response widget.qweather.net/simple/static/js/	169 KB 57 KB	122ms 120ms	Script application/javascript	47.246.23.218 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://widget.qweather.net/simple/static/js/he-simple.js?v=1.5.0 Requested by Host: widget.qweather.net URL: https://widget.qweather.net/simple/static/js/he-simple-common.js?v=2.0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 47.246.23.218 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash 3f1ba3cf6e84a4ad74aabdf15b2b0b5c811c5059bb1243200f7f886890fe762b Request headers accept-language en-US,en;q=0.9 Referer https://38k6gfy.3ultimateamen.men/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 05:37:56 GMT content-encoding gzip via cache20.l2us1[0,0,200-0,H], cache13.l2us1[0,0], ens-cache16.us22[0,0,200-0,H], ens-cache12.us22[0,0] x-oss-request-id 65F7D33460D19E323167A875 content-md5 UsEssXoY1OoKZSFEUIYYEA== age 280883 x-swift-cachetime 512127 x-cache HIT TCP_MEM_HIT dirn:12:356311092 x-oss-cdn-auth success x-swift-savetime Tue, 19 Mar 2024 07:22:30 GMT content-length 57665 x-oss-object-type Normal last-modified Mon, 25 Dec 2023 10:42:16 GMT server Tengine vary Accept-Encoding ali-swift-global-savetime 1710740277 content-type application/javascript access-control-allow-origin * cache-control max-age=604800 x-oss-storage-class Standard timing-allow-origin * x-oss-hash-crc64ecma 1845821478945503741 eagleid 2ff617a017110211602206123e x-oss-server-time 34
GET H2	200	MicroExtendFLF.ttf 38k6gfy.3ultimateamen.men/template/default/css/	36 KB 36 KB	471ms 470ms	Font application/octet-stream	43.201.46.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://38k6gfy.3ultimateamen.men/template/default/css/MicroExtendFLF.ttf Requested by Host: 38k6gfy.3ultimateamen.men URL: https://38k6gfy.3ultimateamen.men/template/default/css/font.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 43.201.46.18 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-201-46-18.ap-northeast-2.compute.amazonaws.com Software nginx / Resource Hash 9228f8c7285383594b16e9aeb1bb34824afc98f1705618bfc532222a97a32b6c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://38k6gfy.3ultimateamen.men/template/default/css/font.css Origin https://38k6gfy.3ultimateamen.men accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 11:39:21 GMT strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Tue, 09 Jan 2024 15:14:26 GMT server nginx etag "659d62d2-8e6c" content-type application/octet-stream accept-ranges bytes platform cdngreat.com content-length 36460
POST H2	200	stat.htm z12.cnzz.com/	2 B 123 B	1034ms 337ms	Ping text/html	2409:8c20:5c64:2000::6 CMNET-JIANGSU-AP ...
General Check archive.org Show headers Download Go to Full URL https://z12.cnzz.com/stat.htm?id=1281322198&r=&lg=en-us&ntime=none&cnzz_eid=670246454-1711021161-&showp=1600x1200&p=https%3A%2F%2F38k6gfy.3ultimateamen.men%2F&t=876%E8%81%AF%E5%90%88%E5%9C%96%E5%BA%AB&umuuid=18e60cefb517c5-0b1fdedc1fb11b-64345551-1d4c00-18e60cefb52758&h=1 Requested by Host: s9.cnzz.com URL: https://s9.cnzz.com/z.js?id=1281322198 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305 Server 2409:8c20:5c64:2000::6 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN), Reverse DNS Software Tengine / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers accept-language en-US,en;q=0.9 Referer https://38k6gfy.3ultimateamen.men/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 21 Mar 2024 11:39:22 GMT content-encoding gzip server Tengine vary Accept-Encoding content-type text/html; charset=utf-8
GET H2	200	c.js Show response c.cnzz.com/	907 B 843 B	311ms 308ms	Script application/javascript	240e:944:1:900:3::3f1 CHINATELECOM-SHAN...
General Check archive.org Show headers Download Go to Full URL https://c.cnzz.com/c.js?web_id=1281322198&t=z Requested by Host: s9.cnzz.com URL: https://s9.cnzz.com/z.js?id=1281322198 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 240e:944:1:900:3::3f1 , China, ASN58541 (CHINATELECOM-SHANDONG-QINGDAO-IDC Qingdao,266000, CN), Reverse DNS Software Tengine / Resource Hash 427e9daaa18f60041b58afa9b52d818ee47f8296b7047865b05f05ebdd891404 Request headers Referer https://38k6gfy.3ultimateamen.men/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Thu, 21 Mar 2024 11:39:21 GMT via cache62.l2cn3135[49,48,304-0,M], cache13.l2cn3135[52,0], cache10.cn373[52,52,200-0,H], cache19.cn373[53,0] content-encoding gzip age 0 x-swift-cachetime 321 x-cache HIT TCP_REFRESH_HIT dirn:11:490996226 x-swift-savetime Thu, 21 Mar 2024 11:39:21 GMT content-length 591 server Tengine etag W/"8035063272506124949" vary accept-encoding ali-swift-global-savetime 1711021161 content-type application/javascript cache-control public, max-age=321 timing-allow-origin * eagleid 968a902717110211614446622e

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| bootstrap function| show object| WIDGET object| _cz_loaded string| _cz_account object| _czc object| _CNZZDbridge_1281322198 string| ahtml

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			38k6gfy.3ultimateamen.men/	1969-12-31 23:59:59	Name: PHPSESSID Value: l17tk0i8c3c9nnrbaofhihp9ia
			.3ultimateamen.men/	1970-01-20 23:39:05	Name: UM_distinctid Value: 18e60cefb517c5-0b1fdedc1fb11b-64345551-1d4c00-18e60cefb52758
			38k6gfy.3ultimateamen.men/	1970-01-20 23:39:05	Name: CNZZDATA1281322198 Value: 670246454-1711021161-%7C1711021161

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://38k6gfy.3ultimateamen.men/ Message: Mixed Content: The page at 'https://38k6gfy.3ultimateamen.men/' was loaded over HTTPS, but requested an insecure element 'http://6hgoogle.com/files/upload/20231015052507333.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://38k6gfy.3ultimateamen.men/ Message: Mixed Content: The page at 'https://38k6gfy.3ultimateamen.men/' was loaded over HTTPS, but requested an insecure element 'http://6hgoogle.com/files/upload/20231015052507333.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://38k6gfy.3ultimateamen.men/ Message: Mixed Content: The page at 'https://38k6gfy.3ultimateamen.men/' was loaded over HTTPS, but requested an insecure element 'http://6hsogou.com/files/upload/20231117070754996.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://38k6gfy.3ultimateamen.men/ Message: Mixed Content: The page at 'https://38k6gfy.3ultimateamen.men/' was loaded over HTTPS, but requested an insecure element 'http://6hgoogle.com/files/upload/20231015052507333.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://38k6gfy.3ultimateamen.men/ Message: Mixed Content: The page at 'https://38k6gfy.3ultimateamen.men/' was loaded over HTTPS, but requested an insecure element 'http://6hgoogle.com/files/upload/20231015050707797.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://38k6gfy.3ultimateamen.men/(Line 227) Message: Mixed Content: The page at 'https://38k6gfy.3ultimateamen.men/' was loaded over HTTPS, but requested an insecure element 'http://6hgoogle.com/files/upload/20231015052507333.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://38k6gfy.3ultimateamen.men/(Line 227) Message: Mixed Content: The page at 'https://38k6gfy.3ultimateamen.men/' was loaded over HTTPS, but requested an insecure element 'http://6hgoogle.com/files/upload/20231015052507333.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://38k6gfy.3ultimateamen.men/(Line 227) Message: Mixed Content: The page at 'https://38k6gfy.3ultimateamen.men/' was loaded over HTTPS, but requested an insecure element 'http://6hsogou.com/files/upload/20231117070754996.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://38k6gfy.3ultimateamen.men/(Line 227) Message: Mixed Content: The page at 'https://38k6gfy.3ultimateamen.men/' was loaded over HTTPS, but requested an insecure element 'http://6hgoogle.com/files/upload/20231015052507333.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://38k6gfy.3ultimateamen.men/(Line 227) Message: Mixed Content: The page at 'https://38k6gfy.3ultimateamen.men/' was loaded over HTTPS, but requested an insecure element 'http://6hgoogle.com/files/upload/20231015050707797.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	warning	URL: https://s9.cnzz.com/z.js?id=1281322198 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/c.js?web_id=1281322198&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://s9.cnzz.com/z.js?id=1281322198 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/c.js?web_id=1281322198&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

38k6gfy.3ultimateamen.men
6hgoogle.com
6hsogou.com
c.cnzz.com
s9.cnzz.com
widget.qweather.net
z12.cnzz.com
2409:8c20:5c64:2000::6
240e:944:1:900:3::3f1
38.145.216.54
43.201.46.18
47.246.23.218
05695bf553785bf0b39a402a4317ca6da0a34555fd82a468c0f60e3eb07b9e4b
14cdd3786f68d3d59c5c8a5daf6826db72a9cfb4a73a314ee88d981d6375db93
232dc85b5af549aded87dabcf8b33e98596e03325e43a059b415fdd442e0f8a5
23ae95ee0feedfac41f8370d4b28e1621860b494e15cdfdf03481028bc378237
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3f1ba3cf6e84a4ad74aabdf15b2b0b5c811c5059bb1243200f7f886890fe762b
427e9daaa18f60041b58afa9b52d818ee47f8296b7047865b05f05ebdd891404
5e4b99b0a4b5780da1d136400ced9e773f08591bfffdc0ec72ac96a62656430a
61487252bef2a854bce64c70b3a3e0f55a10f4c4654524768e4d5453280910f9
74739fe83dfccec7af23bdc9d7a83911fd076af10e3876dfc956492c6e751fd5
8e8e6c8504e50c8471c5b2651b3c04513810c2cad54272a6d65498babf7fa7af
9228f8c7285383594b16e9aeb1bb34824afc98f1705618bfc532222a97a32b6c
a0c9e10401f67916a60d1b104656c37a0f011c060859f191e03f790c2222bc13
a6b350f447b9b9f4f8ff0b2a1a50193fd3e1d1a848391a8df5bbf88b28d494a8
aae9ba5999ca21c017f24416ffcc4c580f87cd10c7446208af2101abac5d918f
eefab92674cff8b2ce8031fc1de9617eebde0fdeca4315557e367cabe3350eaf
f5e6af21f046d4725495e620937c1df541669ea45eb30e56bded87670d28e468
f5fcf7ac4d360347e93f79cd03da6120980a2d63f5568abbbb53d34ae99bb781
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d